urlscan.io logo urlscan.io
SecurityTrails logo

oncorretor.com.br Open in urlscan Pro
2606:4700:3037::ac43:a841  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://araujodiascorretora.com.br/
Effective URL: https://oncorretor.com.br/
Submission Tags: phishingrod
Submission: On March 11 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 86 HTTP transactions. The main IP is 2606:4700:3037::ac43:a841, located in United States and belongs to CLOUDFLARENET, US. The main domain is oncorretor.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time oncorretor.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
araujodiascorretora.com.br
32    2606:4700:3037::ac43:a841 (United States)

ASN13335 (CLOUDFLARENET, US)
oncorretor.com.br
construtor.oncorretor.com.br
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com
api.ipify.org
10    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
32 oncorretor.com.br
oncorretor.com.br
construtor.oncorretor.com.br
3 MB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
324 KB
12 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5093
geolocation.onetrust.com — Cisco Umbrella Rank: 588
134 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 82
845 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
jnn-pa.googleapis.com — Cisco Umbrella Rank: 215
121 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
static.doubleclick.net — Cisco Umbrella Rank: 241
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
9 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9281
408 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2634
142 B
1 araujodiascorretora.com.br
araujodiascorretora.com.br
885 B
0 mstech.com.br Failed
t-construtor.mstech.com.br Failed
86 14
Domain Requested by
20 oncorretor.com.br oncorretor.com.br
12 construtor.oncorretor.com.br oncorretor.com.br
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 cdn-ukwest.onetrust.com oncorretor.com.br
cdn-ukwest.onetrust.com
9 www.youtube.com oncorretor.com.br
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.googleapis.com oncorretor.com.br
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com oncorretor.com.br
www.youtube.com
2 www.google-analytics.com oncorretor.com.br
www.google-analytics.com
2 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.nl oncorretor.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 api.ipify.org oncorretor.com.br
1 araujodiascorretora.com.br 1 redirects
0 t-construtor.mstech.com.br Failed oncorretor.com.br
86 20
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-11-26 -
2023-11-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://oncorretor.com.br/
Frame ID: 25BB6B99AA464F4398A921D17C75EB60
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Frame ID: E7C74919A4CC8A60980E742B4346181C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OnCorretor Back ButtonFilter Button

Page URL History Show full URLs

  1. https://araujodiascorretora.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

95 %
HTTPS

94 %
IPv6

14
Domains

20
Subdomains

17
IPs

3
Countries

4093 kB
Transfer

7980 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://araujodiascorretora.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oncorretor.com.br/
Redirect Chain
  • https://araujodiascorretora.com.br/
  • https://oncorretor.com.br/
97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0
Resource Hash
275b9876fa1f727a6c8b4307f0817aa7bf57880d286b14aad6828e433f9e7a41
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7a61a916eb749bd0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 11 Mar 2023 06:15:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xC52JR3idTLdsmug6LvAStgsf4lVf4HSBxfHh1VTREqQdFNkvSwWHxK%2FrfVq%2F%2FE1acVFpgAQTdn4hcCjOQIUh7%2F8Y91SJp%2FiNOArhgoyHBuM4smCqocLbcMNQ5ySg8da4TBOiT1ZIwZcL0jLXxxKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
OK
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7a61a9135b230ae1-AMS
content-type
text/html; charset=utf-8
date
Sat, 11 Mar 2023 06:15:00 GMT
location
https://oncorretor.com.br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYsg2HFhb9d9yoWUhK6yo5hDrq1%2By6PabAMJPO662sG5V6HFVWZCFhtAIkKi9jdmqfawcBDaoict%2FhP7iIN7PAD74x1b6cN5B98xz8ZcdT%2FpwvrdTh7kLMqRkgQvZFnUPhjiIXITFmMGu5aP%2BL5%2BZ6TGeKqmckJNDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
Moved Permanently
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29a33a79af48c8ad7d48d1a3855b17c954160b7c68a2b0213236330b61e8149e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Mar 2023 04:23:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Mar 2023 06:15:01 GMT
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Ewgd1d1Vp0nFNYpIMiFTtA==
age
45482
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8460
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 21:23:24 GMT
server
cloudflare
etag
0x8DB19D206887DE0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e3d99a9a-801e-001e-7ce4-51fe76000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91c5af80e70-AMS
expires
Sun, 12 Mar 2023 06:15:01 GMT
ThemesBase.min.css
oncorretor.com.br/content/bundles/ 		220 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:44 GMT
server
cloudflare
etag
W/"0294ba43ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bo8MynV4sZBcPoyXPAdbIzVfPdGEyVcQTD6lRmFYs1LGhvc%2BMItHcUE%2BKWNf6T2my%2F6WY90Cv6D10ke3zQKRAVOsmz8LbT5PEu1zcgENs8d18Kx5zdaS4cZf0qMyYkfptM9H9ig6vxLiDxfkCvB3bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919ce9c9bd0-FRA
statustext
OK
Tema_VinteDois.min.css
oncorretor.com.br/content/bundles/ 		55 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:43 GMT
server
cloudflare
etag
W/"a75e80ba43ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD%2FTZod1MWWC3wwjdVUt%2FmzvlhtYY3WuoLsoHDmyWKQI1JQq3LJwFtnIa1UtrlXezriZiG71tEoOkytw6ZiGcKQc%2BER4Htb%2F1YzLBqz1pYRMOg0c5JU45s9ORhlSqjJ10%2FA07Ob0kPUHqaGzWNy6Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919ce9f9bd0-FRA
statustext
OK
bundleModernizr.min.js
oncorretor.com.br/scripts/bundles/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleModernizr.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"03decc243ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FYbrbdAsACfRUH5pfT4qfTlRtxCRj%2FOBGYv0srDLxZLPDQY4h5Kvs6UQClInrMjOxCM2uyiD9j6qaxFhojfCr0Bunt25y7jTMkhngSjh3tYXrzhVx3Oeec8Mn9tyB9KZpAMqUKW%2Fa%2BWh8wUdQrLsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919cea09bd0-FRA
statustext
OK
bundleJQuery.min.js
oncorretor.com.br/scripts/bundles/ 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"03decc243ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX%2FLLO4U0wLNwN%2BsqFrTGD7mCVDkGRn0lFnE4Bio4mCRwPGI%2FzA6etBN0NzUH4UhcjCWmB5uQSC77%2Fzv9KF5QsUSaN2A4F8gJ%2BHMhkKYoTTBAuvQ4IYZ05dPTdcWYdBD%2FgLdtsnxje9c0m9LV8EtBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919cea19bd0-FRA
statustext
OK
bundleCustomUI.min.js
oncorretor.com.br/scripts/bundles/ 		257 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleCustomUI.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"03decc243ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlnysLxR7zo3eCEKC2JEb6nUbL23G%2FN4pGXf%2F0znVcoA%2BKvcg9xj94Xe3GdzJmNiypZ96QU73ESJLVIv%2BmAoqNLit9Ez1YpN7s%2Bs6pdd%2FIqAJNVHxNhyhWNCDMiPn5DnaGaxUGE17%2BNLq1HxJt6Q1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919cea29bd0-FRA
statustext
OK
bundleMst.min.js
oncorretor.com.br/scripts/bundles/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleMst.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"03decc243ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABXVT0HWFIfnmDyq1XLp7PAJUYF0EUlhMUKJqcE01LTEN7skLK5h6KJDdL%2FbGvLevOd6lvDon1jOJR6iX1HbzuVvw0t0Ui459nyLERQT2dFVojoVGGcuEGG9amW0gFOKEyG8UpjP4snopat8Rd0lqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919cea39bd0-FRA
statustext
OK
echo.min.js
oncorretor.com.br/scripts/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/echo.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"fd334ec343ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrUHyj39R9dAgmiY9a2KAbykc0VL145W4WGG9lEEcdz7Um6PpCrDdTiIEhEealRH5yJMocekJZukh1MM5Xz5S8mHUTW8sWgkxXgxqnXyH5KXG%2FEV50BziEhX5AAq7tktvOHbYqLFGEYyDOvwqMQ4tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a919cea49bd0-FRA
statustext
OK
ajax-loader.gif
oncorretor.com.br/Content/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/ajax-loader.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:44 GMT
server
cloudflare
etag
"7cc19fba43ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKG2RpNZSqIGj7VdgTCjoK3uigodwucicIjxPhyBByGStRwVO1dWTwswENgNop3n0XXinYBSdD42cy7Dw9dAzU%2FxnTgni7KOqrbI1tcBSkwqt%2BdqsyKAWHYCh9S0KBsBM67byBZK9Je4QsLCusALNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91dbf212c39-FRA
statustext
OK
http_imgload1.gif
oncorretor.com.br/content/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/content/images/http_imgload1.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1460
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:44 GMT
server
cloudflare
etag
"3486a4ba43ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVSCCN4cCtEJSfNfOywRCgl1V24DaWSO7c4mzJIycllkVr0ELtcAzjN%2FPApxNuy02osoO3XAFGXYu%2FGQ8RFDvnCshjYbZYQiZbkwOen6QjFyjY7VapdgsbpF4QJ0m9O%2F9saWyWglZRHpnqYhMeYlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91dbf222c39-FRA
statustext
OK
ico-headset.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		403 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-headset.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:27 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUK0aCuKhJrp0KYoMiXv3K9A4BqNOfKBrQJyssYnQmu6CvIpJaFU85qf%2FyI5yXyDlaUPmTxb%2Bvb%2FWWO2yGLxkI8kGwa1855FvS1Fu%2BAQaKn0mLBZemNF2RHzxuRrz9IGdC3XeXYCz1DjsYebGt3zsDHN9zlcojloLH7Q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de0b9bd0-FRA
statustext
OK
ico-whatsapp.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		503 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-whatsapp.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUvQhwgjognG379Tv2MhpMTgWf9qZZj2XAR3iHr17IUPamUHgu%2Bi%2BkO92drW%2Ble0bn0eSGPLKROthwxz0TkKfbQWEmIMpiDKS%2BHFB8kDQqA6GWTmoGpW89CxAElJXkAQ0GYhPFNSZlvXVq7Mzs%2BlmQpzJDeaixvc0MBy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de0e9bd0-FRA
statustext
OK
ico-usuario.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		798 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:28 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOTMejrw9Gl71wEO%2BC9hFNfi%2BwWwdzzGR75sh8mzblRs%2BxXTJpyGysOo3VUsYev2wtsZV9DjT8EdHhGNnz59AcS52vsGdsGBIcEmHz8X5AsT0v75IH9pkv%2B79P1teiDnGiOUgWlEcR6Rr1VtRFU9kpuYvMqSBN131TDi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de109bd0-FRA
statustext
OK
ico-suporte.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-suporte.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmwhYPTIJsOf9ykXOxE7AuxikFDlF5m1XWs2NWukkS85k3fr8KY4vTvBK%2BmXcb3gtHvUMUjdloeZ8f9B60gesp36xPMNomWZcH9mIaudiSyiDj7MFfpp%2FO9E%2F5gJYmz%2FrWZ%2BMsAB3bjRqi%2B%2FnZYFzNMdw%2FtZrrr7ySec"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de129bd0-FRA
statustext
OK
ico-produtos-prontos.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-produtos-prontos.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
115898
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:07:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbjEjvSOXwAlLrXWj40LnXjtkcZ3u1XllPUsg66x4CG%2Bf7FCz1nVaawYmk3pJPm2MX7Z%2BCOV24gQJWv5hFrspdx0vT%2F8sxom3eYCa2TdGafSY7bI8eRDoG57OxvEjhtQB1BaexAVWRb%2BZpKcTuqtE1xu6rldWM9zSX5d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de119bd0-FRA
statustext
OK
ico-potencializa-presenca.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-potencializa-presenca.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:19:22 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FE5POIze47RyEXU%2BYgJuHNWpDGPeUXC94y5Fs1YZtzhgjXkZBMIyzPR9Wdc3iSi7ecFu0M53W8ClYUXpHFJ4fl%2BeIa2fo3b1yOS8pdmjqxWjp%2Fbr4q58YX2jQs0mq5kVNEeStmQzEaWuVw%2FT22sn6zzeiV2PDmC9R1X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de139bd0-FRA
statustext
OK
ico-email-mkt.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-email-mkt.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:12 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWLnLiEd8FSR2uX37ia0cfwTk9jUU7JoiGC3iAC1MwiPGQtZBNnodsD69Ija948uVWT1MZqZEpuRo4377EYccewBQnwwdfdJ0kZ8kLTvg80Z%2BNGJbGpRLfeeINgB0T%2FfaNLAwL%2BJaPcm4MGhOjS6Mnq4SILOWYQLP0h2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a9211afe2c39-FRA
statustext
OK
ico-cofrinho.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-cofrinho.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp2D%2BLK9M9R%2BpcufySSDlNqfZJV%2BfsiwKsXxPCnoCZKJDOUG%2B%2BJA94XaybU%2FCdGrc46voDEqCGVBpzpK1ExayCcY5BaZ6%2FH38usb8u3S6Fs3%2Fptb7IOyUv%2BYXAwex56oWp6DYlp1ZssteJhGypboUdhRleDiOT85Ugh9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a9211b002c39-FRA
statustext
OK
ico-usuario-md.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario-md.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjSJhjnvq5COT7UZCj7yiHh8CB5qptJ6eYGU%2B2n%2B1lrFrXZOKldq59KPivlkd8nliugwOXb0XfOFSkgHX%2FMuaqhLC65zBqDYQHAro%2BpwmIf3kTNx1uD8pmucumQWxM%2BCPrNcSEeL9s8h59KC%2BvUuoxD7xsHknxStKlRx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a9211b022c39-FRA
statustext
OK
email-decode.min.js
oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6407c11e-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HzQAE8G8bTZoZ8JvbfOPBD81aDk4Y%2BqpY9Jw2ifyHI6O%2B5iSW9NfwqQ5nAW0Hj0OgOXdTFMPDFelM0a2lTskvUqi5el7rJqttB27T4PeGkp%2BcVd4FJtemZQ%2BsmJuB40aVhGEzeMeqbsgTIkPyI%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a61a91daf0c2c39-FRA
expires
Mon, 13 Mar 2023 06:15:02 GMT
css
fonts.googleapis.com/ 		14 KB
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd21558475c8a56e2b38af04d85c7d27d0bfec6b38c9c5f0d6216d4341da481a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Mar 2023 06:15:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Mar 2023 06:15:02 GMT
icon-zapzap.png
oncorretor.com.br/Content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/icon-zapzap.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:44 GMT
server
cloudflare
etag
"29e6a6ba43ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKFxgTnWP1t0r1X8YC8x3QUmZUsOrjebunjnZh%2FChOs8svsuJHz9BiliUACwoRwFHxVpLPyoowLbtidQY%2FuUT4zkQ%2FaszjQOi5q%2BEuMsVMDr5pXsBz2PQsplXu3%2F3lV%2FAJcf6gAD9miuGIH21P8a3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91dbf232c39-FRA
statustext
OK
bundleUnobtrusive.min.js
oncorretor.com.br/scripts/bundles/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleUnobtrusive.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:58 GMT
server
cloudflare
etag
W/"03decc243ed91:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBHCq8KJF0ZE6m6pmn69MurtfWnLbh0RCBCDLvp5G%2FTbOJJlITIjd2xW8xQ13aNreZKqnAUsOk8Vifm0nxifmSK0DRlKmy89huKsfUv%2FcyThiJVDtZuHFYmA%2F3R5nhOggaA3J85fU7CzvYr3dN2xPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a61a91dbf1e2c39-FRA
statustext
OK
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c025c44c-101e-0032-34f1-517c4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91d1b11b74c-AMS
css
fonts.googleapis.com/ 		328 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Mar 2023 06:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Mar 2023 06:15:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Mar 2023 06:15:01 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		74 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498b9857c51790a045b6b127fe4f95ef72e86dffd41b71f1d14d149a33e11b28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7a61a91d8b5cb74c-AMS
access-control-allow-headers
Content-Type
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 Mar 2023 06:14:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
17
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 11 Mar 2023 08:14:45 GMT
PortoRoobert-Medium.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-Medium.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23900
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:53 GMT
server
cloudflare
etag
"34af31c043ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3Gte8A6EkbY8RCQSSQdNt8PNw%2B%2BxnfeD4wWmnQBHDXo6I9WxRmBMhk8K3Z64rHOrPxJHI5wdinv31pPP%2B967zf1uzxYGsTBgf0TBWYaMQG3MgonM8A88SPgolqCifTQ6nFTpE501Ibvz2PHj%2BpOxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91dcf352c39-FRA
statustext
OK
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/ 		338 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
45000
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
73082
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:31 GMT
server
cloudflare
etag
0x8D854CC113CF89C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
71096228-e01e-0068-59e4-517aca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91decb80e70-AMS
expires
Sun, 12 Mar 2023 06:15:02 GMT
/
api.ipify.org/ 		67 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery171033141940777488865_1678515302068&_=1678515302083
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-155.static.webnx.com
Software
/
Resource Hash
69768ce07c64fcb0ea6affc0a7ecd2b64d9d14948b7f65b2a7b7eb08c380477b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
content-length
67
vary
Origin
content-type
application/javascript
banner-home1.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		661 KB
662 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home1.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqgmlzZdf1grpOUNeGLiaIJNUMGGG2j8psP5gy6iGSg3sjvSAuCcGTF0OLB53X5Q1VqVZlpQbpK31e1dZBD4P1GBWRR6klg10Aar2DxjauUqCjqr7%2F244WvW6nxpyZSjS3kSRTRpPGc%2Flmyjjq7jYNyF1r28l41iKAJq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a920de0f9bd0-FRA
statustext
OK
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:02:16 GMT
x-content-type-options
nosniff
age
162766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17576
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 09:02:16 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 10:28:49 GMT
x-content-type-options
nosniff
age
416773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17684
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 10:28:49 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 23:01:15 GMT
x-content-type-options
nosniff
age
112427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13340
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 23:01:15 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:53:10 GMT
x-content-type-options
nosniff
age
220912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60552
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 16:53:10 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:17:21 GMT
x-content-type-options
nosniff
age
154661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18900
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:03:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 11:17:21 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:35:17 GMT
x-content-type-options
nosniff
age
139185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60536
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 15:35:17 GMT
NFhZ1WJYYy0
www.youtube.com/embed/ Frame E7C7 		70 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ce1cdac3a5a5ba111d401a5a1883fb42843e49d55241e1dcae45ec68eb346d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oncorretor.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Mar 2023 06:15:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:05:33 GMT
x-content-type-options
nosniff
age
176969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 05:05:33 GMT
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
age
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c025c44c-101e-0032-34f1-517c4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91e5bf6b74c-AMS
multicanal.woff
oncorretor.com.br/content/themes/base/fonts/multicanal/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/multicanal/multicanal.woff?enk4db
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3340
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:53 GMT
server
cloudflare
etag
"e44c2fc043ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o1aeNh3mNCqkRwedup0dS7TljLbVnlDHrgB7Xj5G4u9mkGI6A5%2BcT7LPwdwfZxygHSezdNCQAdybH51Ygxs8CoAlqw1Qisi4AX5WV6f%2FQC1MpuKd80l06I8jJowly5ADVK5P%2Fzcju%2F%2F9%2FF%2FexXR3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91e6fc12c39-FRA
statustext
OK
taoui.woff
oncorretor.com.br/content/themes/base/fonts/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/taoui.woff
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102464
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:53 GMT
server
cloudflare
etag
"d22528c043ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV4Pd%2Bl%2FVsxFj3jU86OBh0J2fAAo00bWD5WJGlSr1GW44IDkAuQdIvyhpOwYwhrdg3vGe7yq0lkqmsZhr%2BkGov7NXwgfAezVAzJfjonDyDKIuG%2BTZFzTGAUUj2RuTCeVShV3%2FRGPQR0TwXmJT8ka8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91e7fd32c39-FRA
statustext
OK
ms-social-icon.woff
oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ms-social-icon.woff?osj28
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4576
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:56 GMT
server
cloudflare
etag
"2056cc243ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq2AZhZDP%2B6JJHIDboH%2FwMaLT1eDX7mmBNsAJYxekW5vvXP3SDidvX9zhh6wq8PcxX6Qv0eAiuk4aStAPOjKNjtVOLlNOaegb%2FJgFpoS%2BhW3hGjOru%2F9cJq5THSZznLuuegL2YtUXaD5qiLLdoh2Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a91e7fd42c39-FRA
statustext
OK
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dfec5dd-001e-002d-50be-52a75b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91e7c11b74c-AMS
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=845742555&t=pageview&_s=1&dl=https%3A%2F%2Foncorretor.com.br%2F&ul=en-us&de=UTF-8&dt=OnCorretor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=752445091&gjid=794223203&cid=506251008.1678515302&tid=UA-56771285-5&_gid=1100906955.1678515302&_r=1&_slc=1&z=1362382557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		74 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498b9857c51790a045b6b127fe4f95ef72e86dffd41b71f1d14d149a33e11b28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7a61a91eac47b74c-AMS
access-control-allow-headers
Content-Type
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-56771285-5&cid=506251008.1678515302&jid=752445091&gjid=794223203&_gid=1100906955.1678515302&_u=IEDAAEAAAAAAACAAI~&z=1237595284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dfec5dd-001e-002d-50be-52a75b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91eeccbb74c-AMS
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
715b46ff-501e-003e-372b-5392ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91efcd8b74c-AMS
expires
Sun, 12 Mar 2023 06:15:02 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a79c1da4-f01e-0033-2ee4-517db6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91efcdab74c-AMS
expires
Sun, 12 Mar 2023 06:15:02 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
715b46ff-501e-003e-372b-5392ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91f3d0fb74c-AMS
expires
Sun, 12 Mar 2023 06:15:02 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a79c1da4-f01e-0033-2ee4-517db6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7a61a91f3d10b74c-AMS
expires
Sun, 12 Mar 2023 06:15:02 GMT
www-player.css
www.youtube.com/s/player/21246a91/ Frame E7C7 		401 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92d01b373b5e2bf12dc6da7768d80484fcd4c6bc3f332cd13f3b5ca237618166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52577
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 06:04:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7C7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
139678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7C7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
215178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/21246a91/www-embed-player.vflset/ Frame E7C7 		345 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d1e389efacae77b03ff9bffaa6ce790b9da9d9fc1e8aa8bb4ab39b5bfb72c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 04:08:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109885
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 04:08:18 GMT
base.js
www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/ Frame E7C7 		2 MB
609 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa8c941d0daa119bb188976df76af7e97a284d83abfd4ca8a29299956cb00df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 04:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
5323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
623161
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 04:46:19 GMT
fetch-polyfill.js
www.youtube.com/s/player/21246a91/fetch-polyfill.vflset/ Frame E7C7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 05:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 05:25:09 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-56771285-5&cid=506251008.1678515302&jid=752445091&_u=IEDAAEAAAAAAACAAI~&z=450409464
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-56771285-5&cid=506251008.1678515302&jid=752445091&_u=IEDAAEAAAAAAACAAI~&z=450409464
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-video.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		0
0
ico-mais.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		0
0
bg-depoimentos-fundo-azul.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		0
0
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:32:46 GMT
x-content-type-options
nosniff
age
45736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 17:32:46 GMT
dailyaccess
oncorretor.com.br/sys/ 		0
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/sys/dailyaccess
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Accept
*/*
Referer
https://oncorretor.com.br/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

statustext
OK
date
Sat, 11 Mar 2023 06:15:03 GMT
x-aspnetmvc-version
4.0
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKdeZriJMN2BOoyTUFXrX1AUWToVTyEoDqgTsntkSVS2F%2FpNPbpHMtinnKorvxZ5GcXyKslMRZD3CuARK%2Fu%2BsAI6Kbe2IPhU0uQV5GygSPuqZR10xyLxJKSA3U7Wkd9hUJlzvZscVi656fIg7GWAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
7a61a920eac12c39-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-ua-compatible
IE=edge
logo-novo.png
oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/logo-novo.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 12 Apr 2022 11:14:55 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHP%2Bv7yZQLNIQdqcXVNRhvHy3NlHPmP7oSbGAOu6%2B77oh6xSDsDiYI%2BjtSUTxDTusWONJodcmaiVOOQ%2FHDnf8qAmE3y6it2NtPJlBBxCYThT3ruiHCylYQTyQwcVdSz8gKin6XysbWECubjIRdVgag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
cf-ray
7a61a920eac62c39-FRA
statustext
OK
PortoRoobert-SemiBold.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-SemiBold.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29184
x-ua-compatible
IE=edge
last-modified
Mon, 12 Dec 2022 16:06:53 GMT
server
cloudflare
etag
"34af31c043ed91:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOK%2F29DwwKdFGtNAHYBAMhwQnR0%2Fm%2FEQkCpEPa4Urw3hotKGjo0gucPVI97abe6%2B2aK9JbWdLDQEA%2FDIlLvNEAOo%2FKJW5fmddct2ix9mlbCA52US%2B52gEb3uoIHP7NthS8Ywhrx1w7u89egRVKN9aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7a61a920fad62c39-FRA
statustext
OK
id
googleads.g.doubleclick.net/pagead/ Frame E7C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21247c19d7b2345e66c636bf782cb7a72134e9743acec4d7c3030b6a58adf5d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E7C7 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:04:30 GMT
x-content-type-options
nosniff
age
632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Mar 2023 06:19:30 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 11 Mar 2023 06:15:02 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7C7 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecf6cb3f574ad82ef9d84252812b445e83d8a55164a56391447873ec558d7aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30423
x-xss-protection
0
remote.js
www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/ Frame E7C7 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ae42f733c8bbbed69b6703614e7b8ab63fa4b6d6a667f8a67860a231b18dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 22:45:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
26946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36448
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 09 Mar 2024 22:45:56 GMT
UpDVxjQwzWUo-r_NxGFe3uDBrSa_iYttqpPczkaBI2I.js
www.google.com/js/th/ Frame E7C7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/UpDVxjQwzWUo-r_NxGFe3uDBrSa_iYttqpPczkaBI2I.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5290d5c63430cd6528fabfcdc4615edee0c1ad26bf898b6daa93dcce46812362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
125416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14032
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 12:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 19:24:46 GMT
hqdefault.webp
i.ytimg.com/vi_webp/NFhZ1WJYYy0/ Frame E7C7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NFhZ1WJYYy0/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
x-content-type-options
nosniff
server
sffe
etag
"1587730858"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8612
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Mar 2023 08:15:02 GMT
embed.js
www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/ Frame E7C7 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b281779315105fbfd475319632dffefe44bb286de49d80271c01579c1e1d4786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 17:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
392550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8562
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 05 Mar 2024 17:12:32 GMT
truncated
/ Frame E7C7 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJXO357ZIKWjw3gq1_hecAXBLe4UNapnjFoceQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E7C7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJXO357ZIKWjw3gq1_hecAXBLe4UNapnjFoceQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Sun, 12 Mar 2023 06:15:03 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E7C7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Mar 2023 06:15:02 GMT
generate_204
www.youtube.com/ Frame E7C7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?7MDVpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/111/ Frame E7C7 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/111/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 16:05:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 11 Mar 2023 14:58:13 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7C7 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
729abaa995cf2610dc6699905cd79f8e077d1fe9a287b8fcb3d197db935fad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 11 Mar 2023 06:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 11 Mar 2023 06:15:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame E7C7 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1678515305034
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
X-YouTube-Client-Version
1.20230305.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtIY25KV1M2Y1FrNCjmuLCgBg%3D%3D
X-YouTube-Ad-Signals
dt=1678515302454&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 11 Mar 2023 06:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 11 Mar 2023 06:15:05 GMT
banner-home2.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		715 KB
716 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home2.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69a134b0217c76f17237a5a4c240a63b085f3013a5e5d2490a81ada18704459
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:24 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRPb7N90iuXy6zQvh%2BsqKi2V3SKrnlbPcXVSN093H5MdtqcFJg%2F6apvhsWuFMJhx33%2FnBRMPAem2zAjWg%2FM%2BdAY9ZTn4buUmcRhw%2FWc3e3%2Fh8LS130FCzX0xZLOBVSwXpASRTjfJ4vdNpj2SBlWkrnB3g856rEIXPDPL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a952ecfe2c39-FRA
statustext
OK
banner-home3.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		751 KB
751 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home3.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
c777e17454abc26c596be102e4d0135fc7cfabeda67a3c78c5cd3bc641d1bd1c
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 06:15:19 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:22 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu3ocy9apYGmTZuv7oFmBsy7cU%2Ffu%2B6fK0q5cRq614WLzixVDAqN%2BD6jZ4OobgNAV8jHIXBdbSDpYfXEP06Hs3KFXTAqhObzyPVx5K29diw%2Fnbh0pA2mkdFSLlrGHBoqovQEzEroAY9LcNc0hZ8SvUlFHo1%2B9pvc608y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7a61a984ee7b2c39-FRA
statustext
OK

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t-construtor.mstech.com.br
URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-video.png
Domain
t-construtor.mstech.com.br
URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ico-mais.png
Domain
t-construtor.mstech.com.br
URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-depoimentos-fundo-azul.png

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| OneTrustStub function| OptanonWrapper string| GoogleAnalyticsObject function| ga function| RemoverClasseImgLoadDataEcho object| _arrMaps object| html5 object| Modernizr function| yepnope string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| $ function| jQuery function| ShowLayoutEmpty function| ValidateCpf function| ValidateCnpj object| tao function| isMobile function| NodeInfo object| jQuery171033141940777488865 function| $DNA_Web function| $DNA_Page function| $DNA_FUC_InstallPKG function| $DNA_Application object| echo string| ip boolean| allowCookie function| aceitarCookie boolean| existeMensagemAviso function| fecharModalMensagemAviso function| setCookie function| getCookie function| checkCookie undefined| jQuery171033141940777488865_1678515302068 object| Video string| css boolean| first boolean| chatNaBarra function| mostraChat object| barraMulti number| alturaBarra undefined| divChat function| jivo_onLoadCallback function| jivo_onOpen string| eventType string| eventTypeTel object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust number| webId boolean| fullScreen boolean| aparenciaComFundoImagemTopo function| requireWidgetScript function| countClickVendaOnline function| contaBarra function| bindVideoFullScreen function| onVideoFullScreen function| AtualizarImagemFundoTopo function| abrirModalLoginCorretor function| redirecionarParaLoginCorretor function| validarModalLoginCorretor object| app object| $T

11 Cookies

Domain/Path Name / Value
araujodiascorretora.com.br/ Name: .ASPXANONYMOUS
Value: uJlU6oQZGkMzdMAN-rEclCTja4t7XQNlliWjIYZLjMJ4oU6LNhIzc3PpPthn6lg2tVA5NSihTZoU65L2uEAIZ35qSXbbbkJLA5Ga4hp4of6A6R8ONFGdaZowSnmbJMF-6r1SX3NsSPn2BA4yt0MC-A2
.araujodiascorretora.com.br/ Name: OnCorretorAffinity
Value: 79df80744d23799ed90d56191c3ef493022f074b9b4f1d1d4d46c94b65d04224
oncorretor.com.br/ Name: .ASPXANONYMOUS
Value: nSB7a9XOfjpnPBICAHpKZA7Otpa4Df_KnFlMPPa3et2k8yM-iCXjs-vpOHVmdC8AtexMmzahevzQ-ejnlUGV88nIMOJcSCAQBBmmkdJR1uEe_GnbIVgT76t2lV-ewmLfUniV2gRwBCxCWxWKKxfi6A2
.oncorretor.com.br/ Name: OnCorretorAffinity
Value: 79df80744d23799ed90d56191c3ef493022f074b9b4f1d1d4d46c94b65d04224
oncorretor.com.br/ Name: popup-mensagemAviso-aberto
Value: 0
.oncorretor.com.br/ Name: _ga
Value: GA1.3.506251008.1678515302
.oncorretor.com.br/ Name: _gid
Value: GA1.3.1100906955.1678515302
.oncorretor.com.br/ Name: _gat_newTracker
Value: 1
.youtube.com/ Name: YSC
Value: nAi_IUdHNrE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: HcnJWS6cQk4
.oncorretor.com.br/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Mar+11+2023+06%3A15%3A02+GMT%2B0000+(GMT)&version=6.6.0&hosts=&consentId=d865692d-7dd4-4e53-a84d-6f528e1266a4&interactionCount=0&landingPath=https%3A%2F%2Foncorretor.com.br%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options AllowAll

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
araujodiascorretora.com.br
cdn-ukwest.onetrust.com
construtor.oncorretor.com.br
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
oncorretor.com.br
static.doubleclick.net
stats.g.doubleclick.net
t-construtor.mstech.com.br
www.google-analytics.com
www.google.com
www.google.nl
www.gstatic.com
www.youtube.com
yt3.ggpht.com
t-construtor.mstech.com.br
2606:4700:3037::ac43:a841
2606:4700:4400::6812:2b9e
2a00:1450:4001:806::200e
2a00:1450:4001:808::2016
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
2a06:98c1:3121::3
64.185.227.155
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
21247c19d7b2345e66c636bf782cb7a72134e9743acec4d7c3030b6a58adf5d5
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
275b9876fa1f727a6c8b4307f0817aa7bf57880d286b14aad6828e433f9e7a41
29a33a79af48c8ad7d48d1a3855b17c954160b7c68a2b0213236330b61e8149e
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
498b9857c51790a045b6b127fe4f95ef72e86dffd41b71f1d14d149a33e11b28
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
5290d5c63430cd6528fabfcdc4615edee0c1ad26bf898b6daa93dcce46812362
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68d1e389efacae77b03ff9bffaa6ce790b9da9d9fc1e8aa8bb4ab39b5bfb72c4
69768ce07c64fcb0ea6affc0a7ecd2b64d9d14948b7f65b2a7b7eb08c380477b
6ce1cdac3a5a5ba111d401a5a1883fb42843e49d55241e1dcae45ec68eb346d5
729abaa995cf2610dc6699905cd79f8e077d1fe9a287b8fcb3d197db935fad0b
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
92d01b373b5e2bf12dc6da7768d80484fcd4c6bc3f332cd13f3b5ca237618166
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
a8ae42f733c8bbbed69b6703614e7b8ab63fa4b6d6a667f8a67860a231b18dc3
aa8c941d0daa119bb188976df76af7e97a284d83abfd4ca8a29299956cb00df5
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b281779315105fbfd475319632dffefe44bb286de49d80271c01579c1e1d4786
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
c777e17454abc26c596be102e4d0135fc7cfabeda67a3c78c5cd3bc641d1bd1c
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
cd21558475c8a56e2b38af04d85c7d27d0bfec6b38c9c5f0d6216d4341da481a
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
d69a134b0217c76f17237a5a4c240a63b085f3013a5e5d2490a81ada18704459
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
ecf6cb3f574ad82ef9d84252812b445e83d8a55164a56391447873ec558d7aad
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629